Dog DNA Testing & Tracking: Who Let the Dogs Out?
Have you heard about the latest tech for dogs? DNA testing. This is not to find their canine ancestors over the Rainbow Bridge. This testing is used to monitor and track pet waste that is not picked up and disposed of by the dog walker. If found, collected, and tested the dog owner is held accountable and fined.
I love dogs, almost as much as helping people to decrease risks in cyberspace. During the twelve years that my two Shih Tzus walked this earth, I picked up their waste, and yes, saw a lot of dog waste left behind on the ground. I never imagined technology that would be used to find and fine the not-picker-uppers.
After more than a decade of working in the cyber and privacy risk sector, my risk tolerance level is very low. My questions turned to the 200-pound English Mastiff in the room: What data is collected, where is it shared, and is it securely stored?
I decided to find out more. First, it is not clear who collects the waste that is left behind. I imagined the ghostbusters showing up in a truck with tools to do the dirty work. Then, someone must send the waste to a lab. Next, the lab notifies the property manager or Home Owners’ Association about the culprit pooch and his or her owner. Finally, the owner receives a fine. The fines are pretty substantial, from $125 to $175 for a first offense, then higher for a second offense, and then eviction — of either the pooch, the owner, or both.
Why does this matter? It turns out that DNA testing labs have been hacked. That means personally identifiable information (aka PII) is potentially at risk in the dog DNA testing and tracking scenario (names, addresses, phone numbers, email addresses, dates of birth, and social security numbers). Not the dog’s PII; rather the owner’s PII, stored at the DNA lab.
Last summer, hackers stole email addresses from GEDmatch. As a result of the GEDmatch breach, all user permissions were reset, making all profiles visible to all users for three hours, and no longer hidden from law enforcement (as per profile settings).
Investigative genetic genealogy exploded onto the scene in 2018 with the arrest of the alleged Golden State Killer. The use of DNA data by law enforcement has caused a split within the world of genealogy. While some genealogists are now working with police, others argue that genetic privacy has been compromised.
Adding insult to injury, MyHeritage genealogy customers, who were also GEDmatch users, were the target of a phishing scam. An initial security investigation found that at least 105 users had been lured to the fake phishing website, and 16 users had been tricked into entering their credentials.
MyHeritage said they were not aware of any data being compromised on its website. The phishing website has since been taken offline, though the company advised users to be vigilant of fake websites and to use strong, unique passwords for different web services.
Keep in mind, the risk of identity theft is serious. Hackers use stolen PII for identity theft. Individuals submitting DNA samples to testing labs may not be aware of this risk. Even if the DNA sample is that of a dog, the PII of the dog owner is vulnerable.
The key is to think about the best way to log in to a website or portal. Here are some action steps:
- If the DNA lab offers two factor authentication (aka 2FA), grab it!
- Use a strong and unique password on every website, portal, or payment platform (such as PayPal).
- Regularly monitor your credit reports to find and solve red flags about identity theft.
The one thing I know is you must be cyber savvy to be cyber safe!
Dawn Kristy, The Cyber Dawn, is a proven thought leader and cyber subject matter expert who has dedicated over a decade of her career to helping people understand cyber and privacy risks and to take action to better protect their identity and data.
Watch for future posts and courses on how to be cyber savvy online on The Cyber Dawn.
Featured image (top) by 12122 from Pixabay.
